Using WP Super Cache
? The plug-in doesn't deny browsing the cache/meta/
directory, which is allowed by
default on most web servers. These files containing e.g. session keys are publicly readable. Admin sessions
can be easily hijacked. The vendor doesn't consider this "strictly" as a problem with the plug-in.